A lot happens in the security world and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.

 

MedStar Health, Latest Medical Services Ransomware Target

Early this week, MedStar Health, one of the largest healthcare providers in Maryland, was the victim of a ransomware attack that lead to the complete shutdown of their computer systems. Fortunately, for patients, it appears no information was stolen and all of their facilities have remained open, though currently lacking access to digital patient records.

http://www.csoonline.com/article/3048825/security/ransomware-attack-hits-medstar-health-network-offline.html#tk.rss_news

College Board Reports Security Breaches Allow Leaked SAT Tests

Recently, it has been discovered that, due to many security vulnerabilities in the College Board, the most recent version of the SAT has been compromised in several Asian countries. The latest report confirms that many prep schools throughout China and South Korea are teaching past SAT questions that will likely be used again, allowing some students to attain perfect scores, by having studied the answers beforehand.

http://www.reuters.com/investigates/special-report/college-sat-one/

Phishing Attack Nearly Costs Mattel $3 Million

Last year, toy maker Mattel was the victim of a phishing attack that lead to $3 million USD being transferred to a bank in Wenzhou, China. In this case, the new CEO’s email was spoofed to a financial executive that requested a large transfer, that was luckily caught and the account frozen before it was withdrawn. With social engineering being a prevalent source of corporate information, authentication for highly sensitive transfers of information or funds should be mandatory.

http://www.csoonline.com/article/3049392/security/chinese-scammers-take-mattel-to-the-bank-phishing-them-for-3-million.html#tk.rss_news

Federal Court Phone Scams On the Rise

Many people have been the victims of a scam call asking for access to your computer, or scaring you into giving up credit card information, but lately a new call has people worried. It comes in the form of a demand to quickly pay a fine for missing a jury duty summons, or have a warrant issued for your arrest. This type of scare tactic has become more aggressive, but also more detailed with the information they seem to “know” about you.

https://nakedsecurity.sophos.com/2016/03/31/us-federal-court-you-didnt-show-up-for-jury-duty-scammers-slicker-than-ever/

Computer Science Student Finds Valve Vulnerability

This week, a 16-year old student from the University of Salford successfully exploited a vulnerability that allowed him to publish a game to Steam without being reviewed by a Valve employee. He also made a blog post explaining how he was able to go about exploiting the bug, which has since been fixed.

https://www.helpnetsecurity.com/2016/03/30/steam-review-bypass/

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This